IN THE CLAIMS: 




1. (Currently Amended) A method for notifying a central authority of changes to a 
trusted computing installation, comprising the steps of: 

determining that a user has made a security modification to a portion of the 
trusted computing installation under user control; 

determining that the security modification is a notification event if the security 
modification is a predetermined event indicative of an attempt to circumvent a security 
mechanism of the trusted computing installation of interest; and

sending the central authority a notification of the security modification, in 
response to determining that the security modification is a notification event.

2. (Currently Amended) The method as described in Claim 1 wherein the
notification predetermined event is chosen from the group consisting of a failed applet
signature verification, an addition of a certificate in a certificate database and a
modification of a certificate in a certificate database.



3. (Currently Amended) The method as described in Claim 1 wherein the 
notification predetermined event is an addition of a certificate in a certificate database
created by a Java applet wishing to run with higher privileges and further comprising the 
steps of: 

verifying a signature of the Java applet; 

responsive to a failed verification of the signature, running the applet as untrusted; 

and 

sending the central authority a notification of the failed verification.

4. (Currently Amended) The method as described in Claim 1 wherein the 
notification event is a modification of a certificate in a certificate database central
authority provides a mechanism wherein the group of predetermined events can be
modified by an authorized user.

5. (Currently Amended) The method as described in Claim 1 wherein the
notification is chosen from the group consisting of an SNMP alert, an e-mail a screen
message and an online database.

6. (Currently Amended) The method as described in Claim 1 wherein the security 
modification is to allow untrusted code to run in the trusted computing installation the
notification is an e-mail

7. (Currently Amended) The method as described in Claim 1 wherein 
the notification is a log in an online database step of determining that the security
modification is a notification event is accomplished by an abstract class instantiation
which defines the type of notification in a concrete implementation of the abstract class
instantiation.

8. (Currently Amended) The method as described in Claim 1 wherein the 
notification is a screen message trusted computing installation further comprises a Java
Virtual Machine resident in a local machine under user control.

9. (Currently Amended) A method of notifying a central authority of changes to a
trusted computing installation, comprising the steps of: 

determining that a user has made a security modification to a portion of the 
trusted computing installation under user control; 

invoking a security notification manager class; 

instantiating the security manager class with an instance that determines that the 
security modification is a notification event if the security modification is a
predetermined event indicative of an attempt to circumvent a security mechanism of the
trusted computing installation of interest; and

sending the central authority a notification of the security modification, in 
response to determining that the security modification is a notification event.

10. (Original) The method as described in Claim 9 wherein the notification is
selected from a group of notifications consisting of: an SNMP alert, an e-mail, a database 
log, and a screen message. 

11. (Original) The method as described in Claim 9 wherein the determining step
executes a given control routine when the user has made a security modification to a 
portion of the trusted computing installation under user control. 

12. (Original) The method as described in Claim 11 wherein the portion of the
trusted computing installation is an applet signature verification routine. 

13. (Original) The method as described in Claim 11 wherein the portion of the
trusted computing installation is a certificate modification routine. 

14. (Currently Amended) A method for notifying a central authority of changes to a 
trusted computing installation, comprising the steps of: 

upon a given security modification, invoking a security notification manager
class;

extending the security notification manager class with one of a set of instances, 
wherein a given instance determines that the security modification is a notification event 
if the security modification is a predetermined event indicative of an attempt to
circumvent a security mechanism of the trusted computing installation of interest, and

sending the central authority a notification of the security modification, in 
response to determining that the security modification is a notification event.

15. (Currently Amended) A computer program product in a computer-useable 
medium for notifying an authority of changes to a trusted computing installation, 
comprising: 

a security notification manager class; 

at least one class instance for the security notification manager class for 
determining that a given security modification is a notification event if the security
modification is a predetermined event indicative of an attempt to circumvent a security
mechanism of the trusted computing installation of interest; and

means for sending the authority a notification of the given security modification 
in response to determining that the security modification is a notification event.

16. (Original) The computer program product as described in Claim 15 wherein the 
notification is selected from a group of notifications consisting of: an SNMP alert, an
e-mail, a database log, and a screen message.

17. (Original) The computer program product as described in Claim 15 further
including a control routine for determining when the user has made a security 
modification to a portion of the trusted computing installation to generate the given 
security modification. 

18. (Currently Amended) A computer program product in a computer-readable 
medium for notifying an authority of changes to a trusted computing installation, 
comprising: 

a control routine executed upon a given security modification in the trusted 
computing installation for invoking an abstract Java class; 

at least one class instance for the abstract Java class for determining that the given 
security modification is a notification event if the security modification is a 
predetermined event indicative of an attempt to circumvent a security mechanism of the 
trusted computing installation of interest; and

means for sending the authority a notification of the given security modification 
in response to determining that the security modification is a notification event.

19. (Currently Amended) A trusted computing base, comprising: 
untrusted code executing in the trusted computing base; 

means operative as the untrusted code is executed for determining whether a 
given security modification has occurred, wherein the given security modification is a
predetermined event indicative of an attempt to circumvent a security mechanism of the
trusted computing base;

means responsive to the occurrence of the given security modification for 
invoking a security notification manager class that issues a given notification. 

20. (Currently Amended) The trusted computing base as described in Claim 19 
further including a set of one or more security notification manager class instances, 
wherein a given security notification manager class instance extends the security 
notification manager class to identify a given security modification of interest.

21. (Original) The trusted computing base as described in Claim 20 wherein a given 
security manager class instance includes at least first and second rules, wherein the first 
rule triggers a first notification and the second rule triggers a second notification. 

22. (Currently Amended) A notification service for a trusted computing installation, 
comprising: 

a pluggable framework for receiving a set of notification objects, wherein each
notification object identifies a given notification that is issued upon a given security
modification to the trusted computing installation, wherein the given security
modification is a predetermined event indicative of an attempt to circumvent a security
mechanism of the trusted computing base; and

means for issuing the given notification upon the occurrence of its associated 
security modification. 

23. (Original) The notification service as described in Claim 22 wherein the given 
notification is selected from a group of notifications consisting of: an SNMP alert, an
e-mail, a database log, and a screen message.
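
The arrangement recited in Claims 9, 20 and 22 (an abstract security notification manager class, concrete instances that each recognise certain predetermined events, and a pluggable service that issues the matching notifications) can be sketched as follows. This is an added illustration, not code from the application; every class, method and event name is hypothetical, and notifications are returned as strings rather than actually sent by SNMP, e-mail or database write.

```java
import java.util.ArrayList;
import java.util.EnumSet;
import java.util.List;
import java.util.Set;

// Added illustration; every name here is hypothetical, not taken from the application.
public class NotificationDemo {
    // Security modifications; the first three are the predetermined events of Claim 2.
    enum SecurityEvent { FAILED_APPLET_SIGNATURE, CERT_ADDED, CERT_MODIFIED, OTHER_SETTING_CHANGED }
    // Abstract class: each concrete instance decides which events count and how to notify.
    static abstract class SecurityNotificationManager {
        abstract boolean isNotificationEvent(SecurityEvent e);
        abstract String buildNotification(SecurityEvent e, String detail);
    }
    // Instance 1: certificate database changes go to a database log.
    static class CertChangeLogger extends SecurityNotificationManager {
        private final Set<SecurityEvent> watched =
            EnumSet.of(SecurityEvent.CERT_ADDED, SecurityEvent.CERT_MODIFIED);
        boolean isNotificationEvent(SecurityEvent e) { return watched.contains(e); }
        String buildNotification(SecurityEvent e, String d) { return "DBLOG " + e + ": " + d; }
    }
    // Instance 2: a failed applet signature check raises an SNMP-style alert.
    static class SignatureFailureAlert extends SecurityNotificationManager {
        boolean isNotificationEvent(SecurityEvent e) { return e == SecurityEvent.FAILED_APPLET_SIGNATURE; }
        String buildNotification(SecurityEvent e, String d) { return "SNMP " + e + ": " + d; }
    }
    // Pluggable framework: the control routine runs on every security modification.
    static class NotificationService {
        private final List<SecurityNotificationManager> plugins = new ArrayList<>();
        void register(SecurityNotificationManager m) { plugins.add(m); }
        List<String> onSecurityModification(SecurityEvent e, String detail) {
            List<String> outbound = new ArrayList<>();
            for (SecurityNotificationManager m : plugins)
                if (m.isNotificationEvent(e)) outbound.add(m.buildNotification(e, detail));
            return outbound; // a real deployment would send these to the central authority
        }
    }
    public static void main(String[] args) {
        NotificationService svc = new NotificationService();
        svc.register(new CertChangeLogger());
        svc.register(new SignatureFailureAlert());
        // Constructed sample events: two notification events and one that is ignored.
        System.out.println(svc.onSecurityModification(SecurityEvent.CERT_ADDED, "alias=example-ca"));
        System.out.println(svc.onSecurityModification(SecurityEvent.FAILED_APPLET_SIGNATURE, "applet=demo.jar"));
        System.out.println(svc.onSecurityModification(SecurityEvent.OTHER_SETTING_CHANGED, "n/a"));
    }
}
```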